Question for XB Steve - Geo Location defeats Xerobank

I was a little shocked to see that geo location could defeat Xerobank.

With all of my browser plugins it does not work. It shows Texas......while I am connected to Canada's exit node. But when I uninstalled Firefox, reinstalled with no addons, and went to this blog http://blog.mozilla.com/webdev/2009/05/01/geolocation-in-the-browser/ with Xerobank connected, it easily gave almost my exact location......within a stone's throw of my home.

True, it does not work with XB Browser. But how many customers even know about this problem?? And not everyone uses XB Browser all the time.

How is my location being revealed while I am connected to Xerobank? Is there some kind of satellite connection? And by disabling the geo location feature in fireox, does this *really* mean that this problem is resolved?? It seems like a whole new issue altogether.

Geolocation stuff from Firefox is sent within packet traffic from your computer. A VPN protects the identity of your connection (IP address) but it doesn't inspect packets for what you (or your browser chooses to send.

If Firox is getting accurate info for you then you must be using a local wifi network.

Yes, disabling geolocation in Firefox will prevent it from doing geolocation. If you are a bit paranoid then you can remove the link referenced by geo.wifi.uri in about:config (then even if enabled it wouldn't know a sevice to resolve with).

Yes, it's the WiFi. Basically, Firefox looks at all of the WiFi routers that your computer can see, gets their MAC addresses, and looks them up in an online database (Google's by default, and there are others). I don't see why it couldn't log signal strength as well. In an urban context, they could probably determine which room you're in!

Bottom line -- don't use WiFi when you're being anonymous. Or do as mvario recommends, and trust that some other app isn't doing it.

damn thats scary. fine i can turn it off or use xerobank browser but its the other bits i don't know about that worry me. suddenly that monthly vpn payment seems alot larger. though yes, turning off wifi does help...rather alot.

Do you expect your VPN to protect your info if you email someone and tell them where you are? No, of course not. Think of geolocation services (at least all the ones NOT done by IP address) as the same thing. It's out of the purview of the VPN. Your browser is sending the info based on other factors. Right now the primary one is look-ups in a database of wireless access point MAC addresses. In the future as more computers start containing integrated GPS then that will be the primary means. The information is sent from layer 7, so you have to control it at the application.

Remember, you are the one to choose whether to send the info, and at least with Firefox you can disable it entirely. It's not tracking you, you are (your browser actually) telling where you are. The VPN is doing exactly what it is supposed to do.

Do you expect your VPN to protect your info if you email someone and tell them where you are? No, of course not. Think of geolocation services (at least all the ones NOT done by IP address) as the same thing. It's out of the purview of the VPN. Your browser is sending the info based on other factors. Right now the primary one is look-ups in a database of wireless access point MAC addresses. In the future as more computers start containing integrated GPS then that will be the primary means. The information is sent from layer 7, so you have to control it at the application.

Remember, you are the one to choose whether to send the info, and at least with Firefox you can disable it entirely.

Click to expand...

Very true. it does really highlight how carefull you have to be if you really do want to have and sense of anonymity or privacy. Or at the least how little info needs to be let "slip" to have you identified.

Right. "ROUTERNAME", "DLINK" and "MYISP2063" are the three WiFi routers that your machine was seeing. Given the locations of those three routers, one could triangulate your machine's location. And BTW, you may want to redact those MACs, if they're real.

Right. "ROUTERNAME", "DLINK" and "MYISP2063" are the three WiFi routers that your machine was seeing. Given the locations of those three routers, one could triangulate your machine's location. And BTW, you may want to redact those MACs, if they're real.

Click to expand...

Yes i had changed some numbers in each MAC address, as well as the signal strengths so the data isn't real but still conveys exactly what was sent via POST to the Google json URL.

Triangulation indeed, my location was marked as across the street from my house so it was within 50 meters (150 feet) and i'm in rural Australia. If you go in to street view where the geo location marked, you can see my house.

I suspect that leeching WiFi is to CYA if your anonymity/privacy solution fails. IMHO, that's no longer such a great strategy. Also, I'm not very comforted by the fact "it's easily disabled" in browsers. Perhaps it'll show up in less obvious ways.

I didn't think that your MAC address was visible on the internet. But anyway, I downloaded one of those free MAC address changers and ran it. It had no effect on the geo location.

Here is my concern. Just because firefox asks your permission, does that mean that some other process is not doing it without your permission? How about other applications like Skype? Can they do this too? Is there really any way to know?

If I turn off my router and plug my connection directly into the computer will that prevent this from happening? Or does anyone truly know?

I didn't think that your MAC address was visible on the internet. But anyway, I downloaded one of those free MAC address changers and ran it. It had no effect on the geo location.

Click to expand...

Your MAC address isn't visible on the Internet, and your MAC address isn't used for geolocation. The mac addresses that are used are those of the wireless access points that your computer can see. Geolocation providers, like Google and Loki, have large databases of access point MAC addresses and corresponding locations.

Here is my concern. Just because firefox asks your permission, does that mean that some other process is not doing it without your permission? How about other applications like Skype? Can they do this too? Is there really any way to know?

Click to expand...

Is there really any way to know what any application is doing? If you don't trust the application don't install it. There are worse things an application can do than just get your location information. But no, there is nothing inherent in the geolocation process that forces it to ask for permission. All it does is send the list of the MAC addresses it sees to a database that sends back longitude and latitude information.

If I turn off my router and plug my connection directly into the computer will that prevent this from happening? Or does anyone truly know?

Click to expand...

Sure. Without access point data geolocation falls back to using your IP address to try and determine where you are. It might not happen immediately though, I'm not sure if the MAC info is cached for any length of time. And you don't have to turn off your router, just use a wired connection and disable your on your computer.

Youryour MAC address isn't used for geolocation. The mac addresses that are used are those of the wireless access points that your computer can see. Geolocation providers, like Google and Loki, have large databases of access point MAC addresses and corresponding locations.

Click to expand...

I am confused. My computer connects through my wireless router. Are you saying that Google has my router on their list?

I am confused. My computer connects through my wireless router. Are you saying that Google has my router on their list?

Click to expand...

Possibly. At minimum, the MAC address of at least one of the wifi access points that your computer can "see". That's how it works. Google, and Skyhook/Loki, and some other companies have databases of wireless access point MAC addresses and locations.

Possibly. At minimum, the MAC address of at least one of the wifi access points that your computer can "see". That's how it works. Google, and Skyhook/Loki, and some other companies have databases of wireless access point MAC addresses and locations.

Click to expand...

It actually show me as being around the corner and down the street a little. I may just start connecting straight into the computer for most of the time. Thanks for bringing this to light.

Where do Google etc. get physical addresses for WiFi routers? They must be using physical addresses for IPs from whois databases, yes?

The physical address listed for my true IP is several Km from here. However, the physical addresses for some of my neighbors' IPs are different, because they use different ISPs. I can see how averaging over all of the WiFi routers within range could yield a more-accurate physical address. Or not.

Where do Google etc. get physical addresses for WiFi routers? They must be using physical addresses for IPs from whois databases, yes?

Click to expand...

No. The location has nothing to do with IP address, it's purely tied to the wireless MAC address. I'm not sure of the specifics on how Google compiled their database. Skyhook/Loki does their's by wardriving (http://en.wikipedia.org/wiki/Skyhook_Wireless). I would assume Google does it the same way. I wouldn't be surprised if the vans they use to collect image data for Street View do double-duty collecting wireless data.

Here's a web interface to another location provider called Geomena, this one is open/Creative Commons, and their database is pretty tiny by comparison, so chances are your AP won't be in their database:http://geomena.org/

This makes me think of an article I posted a while back about a technique that was used to catch some people sharing child porn. They (the child porn guys) were using a peer to peer network. I assume something like Limewire?? But the investigators would somehow get an idea as to where there person was and drive up to their house and point some kind of device at their router. I think they called it a "copy router" or something.

Another member here, Jesus, said that it was probably some kind of geo location. In the article they said that to do this, the ISP had to install some kind of software, but after that the ISP did not have to do anything. I bet the software gives away your general location without the need for any assistance from Firefox. And then maybe when they point that device around trying to pin point the exact location, they are picking up some kind of unique identifier that the software has created.

So sure this can be used to quickly identify people sharing child porn. And it can also identify whistle blowers, anonymous bloggers, peace groups, gay rights activists, the Wiccans or just about anyone that you can think of.....with no need for probable cause, oversight, or a warrant. Fishing Season is now open.

Seems like a very interesting topic. To summarize how to avoid geolocation so far:

1.) Dont use wireless access points if you want to be 100% anonymous

2.) If you do, ensure your browser has geolocation disabled.

In Firefox, enter about:config and turn off the geo.enabled preference.
I also cleared out the websites (google and mozilla were listed) in the geo-wifi and browers.geo preference tabs.

Anymore suggestions?

Click to expand...

The simplest, Just Say No
when you get the pop-down asking if you want to share your location info if you don't wish to do so.
I expect Chrome users may have to do that as I haven't heard of a way to permanently disable it in version 5, though I guess one could block the locations services lookup address at the firewall.